Setting compliance options

Depending on the workflow configuration, users may be required to enter an electronic signature when setting specific workflow states on files. See Entering electronic signatures. You can set compliance options to specify the maximum number of attempts users have to enter the correct signature password before they are logged out, the signature components, and a certification message to display with the signature to meet regulatory compliance requirements.

Electronic signatures are validated by comparing the password with the username and password. For Active Directory or LDAP users, the electronic signature is validated through the Helix ALM License Server and the Active Directory/LDAP server. Users who log in using an identity provider must authenticate with the provider to validate their signature.

If your organization uses an identity provider, such as SAML or OpenID Connect, to authenticate Surround SCM logins, make sure you review important information about configuring the provider to make sure electronic signatures are valid. See the license server help for information.

1. Choose Tools > Administration > Server Options.

The Server Options dialog box opens.

2. Select Compliance from the Mainline Options category.

3. Select the Maximum attempts before logging out a user to specify the number of failed attempts to enter the correct electronic signature password before users are automatically logged out. Any unsaved changes are discarded when the user is logged out. The default value is 3 attempts. You can select a value between 1 and 10 or select <unlimited> to allow unlimited attempts.

If users use an identity provider to log in to Surround SCM clients, failed authentication attempts in the identity provider indicate that the Helix ALM License Server timed out when waiting for the provider to return a successful login. If the user attempts to authenticate in the provider multiple times within 60 seconds, the license server only logs one failed login attempt. If the user leaves their computer without authenticating with the provider, the license server gets the same return status of a failed login attempt. The number of failed login attempts is used when counting the maximum login attempts.

4. Select a Signature Components option to specify if users are required to enter their password (One component required) or their username and password (Two components required). This setting is ignored if authentication through an identity provider is used.

5. Select Signature meaning is required to require users to enter a reason for signing off on files in the selected state.

A signature meaning that indicates review, approval, responsibility, or authoring of files is required for Title 21 CFR Part 11 compliance.

6. Enter a Certification and testimony message to display in the Signature Required dialog box.

This read-only message is displayed in the dialog box to explain the purpose of the signature, which is required for Title 21 CFR Part 11 compliance.

7. Click OK to save the changes.